We at Rockwatch are committed to protecting your privacy and ensuring the personal information you have entrusted to us is processed in accordance with the Data Protection Act 1998 and the Electronic Communications Regulations 2003. These laws are being updated in May 2018 to strengthen your rights and give you control over the personal information that organisations hold about you.
Information We Collect
We collect your personal information in the following ways:
When you Give it to Us Directly
You may provide us with your personal information directly in the following ways:
- Joining Rockwatch as a member
- In person, by email, phone, through the post or at an event
- Contacting us through our websites
- Through social media
- Signing up to receive our email promotions
- Making a purchase through our websites
- Making a booking through our website
- Entering a Rockwatch competition
When you Give it to Us Indirectly
We routinely work with trusted partners and suppliers who work with us on our behalf, such as when you sign up to our email subscription provider, Mailchimp which allows us to keep in touch with you easily by email.
When you engage with our social media accounts we may also obtain your personal information, such as through Facebook or Twitter depending on your settings or the privacy notices of these platforms and messaging services. You can change your settings by referring to their privacy notices for details on how to do this.
When you Visit Our Websites or Social Media
When you visit our websites, we gather general information about how you use them, as well as information about the type of device you are using to access them (e.g. phone, tablet or PC). This data helps us to create a better online experience for you, to make it easier to find what you’re looking for or fix things if they are difficult to use.
When Your Information is Available Publicly
To help us to tailor the way we communicate with you about our activities and to make communications more relevant to you we may gather publicly available information about you. This area of activity is not something Rockwatch typically does though we may do so in the future. This could be your interests or postcode based demographics, for instance so that we gain a better understanding of you and can help reduce unnecessary communications to you and be more cost-effective in our marketing. We may gather this information from social media platforms such as Facebook or Twitter. This information is only accessible based on the permissions you give these services and you will be able to change those permissions at any time by reviewing your privacy settings on those platforms.
The Legal Basis for Processing your Personal Data
The legal basis for processing the personal data of Rockwatch members is legitimate interest which means that we have respectfully considered the need to process your personal data and your rights as an individual when carrying out these data processes and we believe our contact with you is linked to legitimate organisational purposes (outlined below).
The legal basis for processing the personal data of non members is Consent which means Rockwatch can only contact you if you have given us permission to do so.
Personal Data about Children
We are committed to safeguarding all children who are members of Rockwatch or who visit our websites and in recognition of the need to provide additional privacy protections for children to ensure their privacy and safety is achieved we adhere to the following guidelines:
- Written permission from parents or guardians will be obtained before photographs, names and videos of children and young people are published on Rockwatch websites.
- No other private information about children is published on our websites (e.g. contact details).
- Parents or guardians must give consent before we publish children’s work in the Rockwatch magazine.
- A parent or guardian must attend Rockwatch events with their children.
- Children must be over the age of 13 to follow us on Facebook and Twitter.
- Children must be over the age of 13 to subscribe to our email subscription list.
We do not knowingly collect, use or disclose personal information about users under age 13 except as permitted by law.
How We Use Your Personal Information
We collect relevant personal information depending on the interaction you have with us. Personal information is anything that can be used to identify you as an individual. It can include your name, email address, postal address, telephone numbers, names of parents or guardians, names and dates of birth of your children, and whether you are a UK Tax Payer. These personal details may be obtained for any of the following reasons:
- to process and fulfill all membership activities including administering the member database, distributing the membership packs, magazines and other printed literature and managing event bookings.
- to process all orders or enquiries you place with us through our website, by post, in person or by telephone.
- to keep a record of your relationship with us and for administrative purposes (such as our accounting and consent
- record-keeping to ensure we know when you prefer not to be contacted).
- where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our members.
- to identify and prevent fraud.
- to enhance the security of our network and information systems.
- to better understand how people interact with our websites and improve their browsing experience by personalising the websites.
- to send marketing information to you which we think may be of interest to you by post, email, SMS or other means.
to determine the effectiveness of promotional campaigns and advertising.
How We Store Your Information and Keep it Safe
Rockwatch takes data protection very seriously. We make it a priority to ensure that we have the right level of controls, interventions and processes in place to ensure we keep your personal information safe. However, the nature of data transfer – especially online – is never fully secure, so we cannot guarantee the complete security and protection of it when it is outside of our control. Be assured that once we have your personal information, we do all we can to ensure that we have the systems and processes in place to safeguard it including using encryption when needed.
Personal data you provide to us is stored on our secured servers within the EEA.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping the password confidential. We ask you not to share a password with anyone.
Only authorised staff have access to your personal information, and only if essential. They are trained to understand the policies, processes and protocols for keeping your information safe.
We have robust internal procedures for storing, protecting and deleting any paperwork relating to our members and contacts.
At times we may share links to other websites and use social media platforms such as Facebook and Twitter. We are not responsible for these sites – refer to their own privacy policies to learn more.
Credit and Debit Card Payment Information
When you order from us online Rockwatch ensures that this is done securely through the PayPal site. Payment card details are never recorded or stored in any of our systems on completion of your transaction. If you have any questions about the security of your personal information, you can contact us at email@example.com
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
How Long We Keep Your Data
Rockwatch will only keep your personal information for as long as it is required and in accordance with statutory requirements. For example, HMRC requires that we keep a record of all financial interactions and your name and address for seven years from the date of your last transaction.
When there is a legitimate interest for us as the Data Controller to retain your personal information such as to inform or communicate with you as a member, we shall retain the personal information for this purpose only. Where the information is no longer required, we will ensure that it is disposed of in a secure manner.
Basic membership details including your name and the years you were a member are retained by Rockwatch for historical purposes.
If you have indicated that you do not wish to hear from us in the future, we will keep the minimum information necessary to ensure we avoid contacting you any further.
Who We Share Your Information With
Rockwatch Management Committee and Geological Association
As the junior club of the Geologists’ Association (GA), Rockwatch has been under the auspices of the GA since 2001 and it is managed by a Management Committee of Elected Trustees. Data may be shared with the Rockwatch Management Committee and GA as part of its leadership roles.
We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
Sharing Your Information with Trusted Third Parties
We share your personal information with trusted partners and third parties when it is necessary to send you your full membership benefits (such as using a distributing house to post you Rockwatch magazines).
We monitor information security compliance and require all partners or third party providers to process your personal information only on our instructions and in accordance with applicable data protection and privacy laws.
How to Access Correct or Delete Your Personal Information
Rockwatch acknowledges that you have the right to access your personal information and we are responsible for correcting, deleting or updating information that we have collected.
Upon request and subject to proof of identity Rockwatch will provide you with information about whether we hold any of your personal information. If your contact details change, or you believe the information we hold about you is out of date or inaccurate, please get in touch to update us in the following ways:
Rockwatch at the GA, Burlington House, Piccadilly, London W1J ODU.
or telephone: 0207 734 5398
We will respond to your request within a reasonable time frame and notify you of the action we have taken. Actions will be carried out within a month, and the likelihood is it will be much sooner.
Your Marketing Preferences
Communication to Rockwatch Members
We believe we can use legitimate interest as the legal basis for processing members’ personal data. However, we respect members’ individual preferences and therefore they have the right to opt in or opt out to receive their communications either by email, post, telephone or texts.
We will use a member’s personal data to send:
- Rockwatch Magazines – for hard copies, postal addresses are sent to the printer for the address labels, for each issue.
- Subscription information will be available electronically or by post. Members will be informed (by email or post) when there is a change in subscription rates. Also, these subscription rates will be on the Rockwatch website.
- Subscriptions via Direct Debit – Rockwatch holds bank details of members who pay subscriptions by Direct Debit for 7 years (or as required by law). The information will be stored securely and deleted when an order is cancelled.
- Gift Aid – personal details of members are sent to HMRC (title, name, address and postcode) to enable Rockwatch to reclaim UK tax on subscriptions and donations made under Gift Aid. HMRC requires Rockwatch to retain information about this declaration for seven years.
- Rockwatch news – notices about festivals, conferences, lectures, fieldtrips, geological news and geological events held by Rockwatch and other geological organisations will be circulated electronically to members who wish to receive communications by email through our email subscription service, Mailchimp and as an event flyer with your Rockwatch magazines.
- Payments by Members – we do not retain any payment card details from subscriptions and purchases made online. All payments are handled securely by PayPal.
Communication to Non Members
However you contact Rockwatch we will reply using your preferred means of communication, either by email, post, telephone or texts.
If you are not yet a member of Rockwatch but you subscribed to our email subscription service we will send you infrequent marketing emails. You may unsubscribe from our marketing communications at any time by clicking on the ‘unsubscribe’ link located on the bottom of our emails.
We will only post you marketing materials if you have told us you are happy to receive this information by post.
We do not specifically carry out telephone or SMS marketing activities to non members.
Rockwatch is committed to respecting your choice to receive marketing information. You can update your permissions and contact preferences at any time by calling our friendly team on 0207 734 5398/ Emailing firstname.lastname@example.org.
Changes to this Policy and Contacting Us About this Policy
If you have any questions about this policy or our treatment of the information you provide us, please write to us by mail to Data Protection Officer, Rockwatch at the GA, Burlington House, Piccadilly, London W1J ODU or email us at email@example.com or telephone: 0207 734 5398.
You also have the right to lodge a complaint with the Information Commissioner’s Office about how we manage your data. You can contact them in the following ways:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113